CVE-2024-55599
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-22
Assigner: Fortinet, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fortinet | fortios | From 7.4.0 (inc) to 7.4.9 (inc) |
| fortinet | fortiproxy | From 7.6.0 (inc) to 7.6.4 (inc) |
| fortinet | fortiproxy | From 7.6.0 (inc) to 7.6.4 (inc) |
| fortinet | fortisase | 24.4.32 |
| fortinet | fortios | From 7.4.0 (inc) to 7.4.9 (inc) |
| fortinet | fortios | 7.6.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-358 | The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improperly implemented security check in certain versions of FortiOS and FortiProxy. It allows a remote unauthenticated user to bypass the DNS filter when using Apple devices, potentially circumventing security controls designed to filter DNS traffic.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to bypass DNS filtering protections, which may lead to exposure to malicious websites or content that would normally be blocked. This could increase the risk of phishing, malware infections, or other security incidents.